Perhaps the biggest issue here is that Timmy is standing there in conferences and in front of politicians such as the EU parliament bragging over how serious Apple takes privacy, while at the same time knowing his company store their customers data with the same companies he gives flack for NOT taking privacy serious. It is, at best, hypocrisy, at worst, complete contempt of his customers.
I hate suing of any kind, regardless of who was damaged or how. Perhaps I would think differently about that if the Western world wasn't so litigious as it is now, but I can't help how I feel. Suing at the rate we do is just insane.
With that said, I'm afraid this lawsuit does have some teeth in that even I myself had been under the strong impression that all iCloud data was stored exclusively on Apple owned and operated servers. If we are honest with ourselves, we must admit Apple has been at least a tad disingenuous about servers and storage. That doesn't mean I support the lawsuit. It just means Apple should have either been more open with us or stored everything exclusively on Apple owned and operated servers, like we all thought they were doing in the first place. I think this matter is at least as serious as the aging battery, power throttling issue that hit the global news a year ago. Sometimes it doesn't seem that being transparent is a good thing, but when news like this hits the fan, then the realization strikes. Apple could have handled this better, just like they could have handled info about power throttling better.
It doesn't matter if Apple never made it 100% clear they don't store data on 100% Apple-owned and operated servers and that we the public should have assumed Apple stored data outside Apple. Legal jargon that few if any people read doesn't matter either insofar as few people read it, and such information isn't even spoken about in the tech media, whose job it is to sleuth out those details for us. Public perception and "the general understanding" matters most. I had the perception, like most of you, that Apple stored our iCloud data on Apple servers. It doesn't matter if my believing that was in error. That was the perception that Apple allowed the general public to believe. Surely Apple knew the general consensus, and if they didn't, Apple surely does now. Again, I don't support the lawsuit by saying that. I just wish it had been made more clear by Apple how iCloud data was stored. That's all.
Er … no, I’m afraid Apple cannot be sued for your ignorance.
If you walked into court to sue your day loan company because they charged you a 1000% interest, do you think “I didn’t bother to check” is a defence? Nope, it ain’t.
If you had anything more than fake concern for where Apple was storing data then the information was easy enough to find. The reason you didn’t is because, aside from scoring troll points, you didn’t actually care.
No thought not. So why is it Apple’s fault you chose to bury your head in the sand?
Apple has made no secret that it uses a combination of its own servers (for iTunes, Messages, Apple Music) and third party servers (explicitly mentioned right there, for storage).
Apple has given the public the impression they store data in their own datacenters, and as Apple provides these services around the planet and customers in different countries should be informed where their data actually is stored so they can make informed decisions if they want to use the service or not. It probably also has lead customers to believe they got an increased level of privacy (as spouted by Apple marketing), when in reality they got closer to Amazon Web Services, Google and Microsoft base level. If I knew my iCloud data was stored on Google servers, I would have ended the iCloud subscription immediately.
But of course for ex-Compaq Tim Cook, he don't see the difference.
I think you are confusing your interpretation of what Apple said. They never said they owned the servers that house iCloud data, plus they don’t go into detail with the public on what data is stored on those specific servers. Plus the fact that they use encryption which so far no one has been able to defeat makes it hard to present a case in which the plaintiffs or you were harmed.
IANAL, but I have been asked to leave a Holiday Inn Express to avoid a drunken disorderly charge. Anywho. Funnily enough, the plaintiffs can use the exact argument you're incorrectly using to defend Apple: They never said they owned the servers housing the data. But did they imply it by stating: "When iCloud is enabled, your content will be automatically sent to and stored by Apple..."? It's an ambiguous statement that depends entirely on reader interpretation. In contract dispute, ambiguity favors the party who didn't write the contract. Also not helping Apple, the explicit (not ambiguous) nature of the Chinese agreement. They tell the Chinese user straight up - we're storing your data with these guys over here. Now that could be required legalese because they also store the encryption keys with the Chinese. Who knows. But they do something for the Chinese they don't do for other customers.
The encryption has nothing to do with whether or not the plaintiffs were harmed. The harm is described in the article. The claim states they were denied their right to make an informed decision about paid iCloud services because they were denied relevant information: Apple stores customer data on 3rd part servers. Again, IANAL, but I think it's safe to say the plaintiff's lawyers are going to juxtapose Apple's shaded dig at Google (We don't sell your data. You are not the product) against Apple's willingness to store that customer data on the servers of the "data seller".
My guess is that all these Apple Data Centers do something. My guess is the data is actually stored in those servers.
Since it’s public knowledge — not that the public actually knows anything — that Apple’s iCloud services used cloud services software from Microsoft, AWS, IBM, and others depending on location (such as country), I’m not surprised that Apple is actually doing what they said they were doing.
I do remember years ago Apples attempt to build their own cloud services failed, because they were not successful in building such a system from scratch. They made it clear then that they would be using the cloud services from existing providers, implemented at Apple’s own data centers.
I think one of the problems with what Apple is doing was illustrated when Bloomberg published the story about possible server corruption primarily on AWS (Amazon) servers -- and said that Apple may also have been affected.
Apple's response was: "We guarantee absolutely 100% that our iCloud servers were never impacted". But this illustrates the ludicrous nature of that statement: Since iCloud data was almost all stored on Amazon's servers, Tim had absolutely no way of knowing if those servers had been corrupted. None. Zero. Even if the story was proven to be false, Tim still cannot guarantee the integrity of servers he does not own and control.
I was taught a long time ago that nothing is completely safe -- if criminals want in badly enough, they will get in. The trick is to make it hard enough for them to make them go elsewhere. Apple has always projected that their security was the best around. But, since our iCloud data is sitting on Amazon servers, it is obviously no safer there than if it were stored on, well, an Amazon server.
While I admire Apple for having all or nearly all 100% renewable energy facilities, they should maybe focus more on developing their own facilities and get our data out of the hands of Amazon, Google and Microsoft.
Perhaps the biggest issue here is that Timmy is standing there in conferences and in front of politicians such as the EU parliament bragging over how serious Apple takes privacy, while at the same time knowing his company store their customers data with the same companies he gives flack for NOT taking privacy serious. It is, at best, hypocrisy, at worst, complete contempt of his customers.
Learn to read. It’ll serve you well in your future endeavours.
If we use third-party vendors to store your information, we encrypt it and never give them the keys. Apple retains the encryption keys in our own data centers, so you can back up, sync, and share your iCloud data. iCloud Keychain stores your passwords and credit card information in such a way that Apple cannot read or access them.
Oh, and before GoogleGuy jumps in with his usual “WaddaboutChina” trope, Apple has said, on more than one occasion, that Apple retains the keys for the Chinese data centres.
Which means the Chinese government still has to make a request to Apple for the data. The difference is that they no longer have to go through the US courts (or any court for that matter) to get it. Because they have to make a request then Apple can keep track of them.
Between 2013 and 2017, the Chinese made 176 information requests. During the same period, the US government made 8475 requests, which is odd given the relative size of the countries’ populations.
What is really interesting is that Apple said ‘no’ to all the Chinese requests and ‘okay’ to over 2000 of the US requests, presumably because it was harder for the Chinese to get a court order for Chinese user data stored in the US. Now they don’t have that problem anymore, then it’ll be interesting to see how the numbers change, or if Apple continues to report them.
Fact is, the US spies on its citizens (and non-citizens), same as the Chinese, and neither country cares who knows it.
While I admire Apple for having all or nearly all 100% renewable energy facilities, they should maybe focus more on developing their own facilities and get our data out of the hands of Amazon, Google and Microsoft.
Apple has been trying to do that. The case where a single objector delayed and eventually caused Apple to abandon a DC in Ireland is well known. That objector was upset because he ran a DC that Apple wasn't going to use. The same objector tried the same trick with Microsoft and lost.
Building DC's is also more than just putting up a structure and installing a few computers. The connectivity to the rest of the world is also vitally important. In the irish case, Galway is where several trans-atlantic fibre cables come ashore.
I know of many DC's that are located in London's Docklands simply because of the high speed connectivity that is right there on their doorstep.
If you think this stuff is easy, cheap and quick to impliment then please go right ahead. It isn't. That's why MS, Amazon, IBM, Rackspace, Google and the rest have invested billions in setting up their DC's.
What we don't know is if the space that Apple rents from say MS is managed as a totally bit of infrastructure to the rest of Azure that you or I might use for buisness. That might very well be the case.
Perhaps the biggest issue here is that Timmy is standing there in conferences and in front of politicians such as the EU parliament bragging over how serious Apple takes privacy, while at the same time knowing his company store their customers data with the same companies he gives flack for NOT taking privacy serious. It is, at best, hypocrisy, at worst, complete contempt of his customers.
Learn to read.
Ditto!
There is nothing to read except Timmy's public statements, bragging and virtue signaling on Apple privacy, while at the same time using the services he scorns for lacking privacy to store Apple customer data and produce the iCloud service.
While I admire Apple for having all or nearly all 100% renewable energy facilities, they should maybe focus more on developing their own facilities and get our data out of the hands of Amazon, Google and Microsoft.
Apple has been trying to do that. The case where a single objector delayed and eventually caused Apple to abandon a DC in Ireland is well known. That objector was upset because he ran a DC that Apple wasn't going to use. The same objector tried the same trick with Microsoft and lost.
Building DC's is also more than just putting up a structure and installing a few computers. The connectivity to the rest of the world is also vitally important. In the irish case, Galway is where several trans-atlantic fibre cables come ashore.
I know of many DC's that are located in London's Docklands simply because of the high speed connectivity that is right there on their doorstep.
If you think this stuff is easy, cheap and quick to impliment then please go right ahead. It isn't. That's why MS, Amazon, IBM, Rackspace, Google and the rest have invested billions in setting up their DC's.
What we don't know is if the space that Apple rents from say MS is managed as a totally bit of infrastructure to the rest of Azure that you or I might use for buisness. That might very well be the case.
A data center is essentially just a big warehouse with added security, some big TC and Power lines feeding it, and some UPS stuff added. And, oh, a bunch of computers and storage devices inside. It's not that big of a deal.
Apple has given the public the impression they store data in their own datacenters, and as Apple provides these services around the planet and customers in different countries should be informed where their data actually is stored so they can make informed decisions if they want to use the service or not. It probably also has lead customers to believe they got an increased level of privacy (as spouted by Apple marketing), when in reality they got closer to Amazon Web Services, Google and Microsoft base level. If I knew my iCloud data was stored on Google servers, I would have ended the iCloud subscription immediately.
But of course for ex-Compaq Tim Cook, he don't see the difference.
Not even sure where to start...
Apple has ALWAYS used 3rd party data centers to store information, it wasn’t until recently - the last 7-10 years - that they started building out their own infrastructure to house their customers data.
It is widely known that Apple has been moving everything in house, which means, moving from a 3rd party to 1st party. Their first big move was building their own CDN (moving away from Akamai) for distributing iTunes content around the world, and then they began to build their owndata centers. The problem has always been that their user base grew much faster than they could keep up with. So they have not been able to bring EVERYTHING in house up to this point. And in case you haven’t noticed, recently every time they attempt to build a data center, it seems to get shot down by locals. This has happened several times in Europe. (And I’m sure we can find a discussion where you completely agreed with those locals.)
Furthermore, Apple has NEVER said they “house” all their customer data. As the article mentions the agreement says, “...sent to and stored by Apple”. That tells me all data is initially sent to Apple’s servers, and then stored by Apple, which could mean on their own servers or a 3rd party server. It does not ANYWHERE say stored “at” Apple. If Apple is leasing servers from a 3rd party and stores data on them, then that data is still being stored by Apple.
On top of that, what makes you think Amazon, Microsoft, or Google have access to any of that data? You seriously don’t think privacy and security are a part of the contract even for these data hungry companies?!? This isn’t the same thing as milking users, the last thing these companies want to do is screw with a giant corporation like Apple who’s probably paying them hundreds of millions of dollars. And you seriously don't think Apple encrypts that data before its stored on those servers?
I would never trust Google with my data, but I sure as hell would trust Apple to know what they’re doing, even if they’re using a 3rd party data center to store my data.
Said It before and I’ll say it again. If you lose a lawsuit you should be forced to pay the other party’s legal costs.
I thought that was typical if you lose. Ask Samsung. Ask those families who tried to sue the movie theater in Aurora, Co, when they were blaming the theater for their family members murders. The judge warned them not to proceed because of this and they ended up with the loss of a family member and a huge legal bill when the judge sided with the theater.
It is up to the judge. If they think the suit is particularly frivolous or vexatious, they can assign the defendants legal fees to the plaintiff. But it is not an automatic. In the vast majority of suits each side takes care of their own legal fees. This has lead to what have been called "slap suits". In those cases a large, usually corporation, will sue some person. Often for their political action or because the person has been bringing attention to the companies misbehaviour. The suit has no chance but the company has millions to drop into appeals, and delays, and demands for evidence, and more appeals. And when that fails they just file another suit. They can lose and still win by bankrupting the person. Effectively shutting them up so the corporation can continue their unethical practices. Legislation has been proposed, but I don't know if it has been passed anywhere, imposing severe penalties for slap suits.
Perhaps the biggest issue here is that Timmy is standing there in conferences and in front of politicians such as the EU parliament bragging over how serious Apple takes privacy, while at the same time knowing his company store their customers data with the same companies he gives flack for NOT taking privacy serious. It is, at best, hypocrisy, at worst, complete contempt of his customers.
Haha!
You can't be serious!? You really think those same user-centric terms and services those companies offer are the same as the enterprise cloud hosting/server services? Do you really think Apple created a Google account and just started storing all their customer data on Google Drive. LOL And you make the assumption that Apple would store all their user data on a 3rd party server without encrypting it? The amount of ignorance and hate is unbelievable.
Look, I don't like Google or Amazon, or even Microsoft, and I would never trust any of my data with them, but the service they provide to Apple (and other companies) is NOT the same they would provide to you or me. And when offering that type of service you can in fact make the assumption that privacy and security is part of the deal. To think otherwise, well, is just stupid.
Apple has given the public the impression they store data in their own datacenters, and as Apple provides these services around the planet and customers in different countries should be informed where their data actually is stored so they can make informed decisions if they want to use the service or not. It probably also has lead customers to believe they got an increased level of privacy (as spouted by Apple marketing), when in reality they got closer to Amazon Web Services, Google and Microsoft base level. If I knew my iCloud data was stored on Google servers, I would have ended the iCloud subscription immediately.
But of course for ex-Compaq Tim Cook, he don't see the difference.
Not even sure where to start...
I would never trust Google with my data, but I sure as hell would trust Apple to know what they’re doing, even if they’re using a 3rd party data center to store my data.
All the silliness about "I'd never trust Google with my data". What the heck is Google going to do with it, place an ad at worst? For advertising purposes you're just an Advertising ID Number to them anyway just as you are with Apple. Reset or opt out of either of them at any time. They aren't marketing to MJTomlin the person who resides at 123 Main in Anytown, they're placing ads that seem to be a match for the anonymized and bundled you represented by that Advertising ID Number.
FWIW Apple very obviously trusts Google with your data, happily sending you to Google Search by default and delaying the cookie expiration when you do so by three days (as far as I remember reading) to accommodate legitimate advertisers and placement companies who may be using their services. Essentially Apple still allows Safari users to be served personalized ads in the near term, but being very careful that those searches aren't being remarketed by shadier 3rd parties later on, thus the quick cookie expirations.
So at the end of the day Apple trusts Google but you don't. As is very often said here, I trust Apple knows better and you yourself say exactly the same. So why the disconnect, you don't really trust Apple knows better?
Anyway this lawsuit is a simple attempt at a money grab, no grounds for harm that I can see even if some users were paying more attention to PR than ToS. I seriously doubt the lawyers get anywhere with this.
Those of you who believe that Apple should somehow be sequestering all of your iCloud data into its own physical data centers also believe that your bank and investing firms (e.g., Fidelity) are also hosting all of their online services and access to your accounts inside their own physical server farms. Maybe you should periodically drop into your local bank branch and demand: "Show me your servers!" Sure.
Being that Apple had disclosed this info long ago, the lawsuit is meritless.
That said, it's about time Apple builds out its own infrastructure and perhaps even offers it as a service to others as an additional revenue source.
I am not at all comfortable with my data on Google, Amazon, or MS servers. But there is nothing I can do about it. So in a way, I am thankful for this lawsuit. Hope it wakes up some thinking at Apple.
It's no good using the most secure devices when the company you trust is letting the less secure and less scrupulous out there hold your data for you. Yikes.
Yikes? How many bit encryption do you need to feel “secure”?
Perhaps the biggest issue here is that Timmy is standing there in conferences and in front of politicians such as the EU parliament bragging over how serious Apple takes privacy, while at the same time knowing his company store their customers data with the same companies he gives flack for NOT taking privacy serious. It is, at best, hypocrisy, at worst, complete contempt of his customers.
I recommend you to read about encryption. Maybe education can subside some of your fears.
Apple has given the public the impression they store data in their own datacenters, and as Apple provides these services around the planet and customers in different countries should be informed where their data actually is stored so they can make informed decisions if they want to use the service or not. It probably also has lead customers to believe they got an increased level of privacy (as spouted by Apple marketing), when in reality they got closer to Amazon Web Services, Google and Microsoft base level. If I knew my iCloud data was stored on Google servers, I would have ended the iCloud subscription immediately.
But of course for ex-Compaq Tim Cook, he don't see the difference.
I think you are confusing your interpretation of what Apple said. They never said they owned the servers that house iCloud data, plus they don’t go into detail with the public on what data is stored on those specific servers. Plus the fact that they use encryption which so far no one has been able to defeat makes it hard to present a case in which the plaintiffs or you were harmed.
I am not confusing anything. Apple has made multiple announcements of how they are building large data centers for iCloud and other services, and have even given tours of them for journalists.
It has been generally assumed that Apple mainly have been hosting iCloud on Microsoft Azure architecture, but the servers running it were fully deployed to Apple owned facilities and locations.
Data hosted in other cloud services will necessarily also end up in their backup systems where they never should have been. They can possibly also be decrypted there because Apple can decrypt iCloud hosted data and have done so in multiple cases for law enforcement. When the data end up in a third party backup system it can also be restored to a different location and potentially be compromised.
This is also about Apple's integrity and trustworthiness. They pretend to have a holier-than-thou stance on privacy, yet completely fail to inform the customers that their data might migrate outside Apple facilities. NOT good!
How can you say something is generally assumed and then think it to be worth a lawsuit when you are incorrect? Who cares if there were large announcements detailing Apple building data centers? Are you saying this also not true? You are making it seem as though they offered iCloud services and made announcements of the data centers they were building and then used 3rd party servers to deceive people?
I also assumed as you did that they owned the servers where iCloud data is stored. I am not really shocked to learn that they had to use some outside services to do to the sheer number of users. I personally am not worried that my encrypted data will somehow become unencrypted and get out to the public. I trust Apple's security and encryption.
iCloud secures your information by encrypting it when it's in transit, storing it in iCloud in an encrypted format, and using secure tokens for authentication. For certain sensitive information, Apple uses end-to-end encryption. ... No one else, not even Apple, can access end-to-end encrypted information.Jul 3, 2019
Apple has given the public the impression they store data in their own datacenters, and as Apple provides these services around the planet and customers in different countries should be informed where their data actually is stored so they can make informed decisions if they want to use the service or not. It probably also has lead customers to believe they got an increased level of privacy (as spouted by Apple marketing), when in reality they got closer to Amazon Web Services, Google and Microsoft base level. If I knew my iCloud data was stored on Google servers, I would have ended the iCloud subscription immediately.
But of course for ex-Compaq Tim Cook, he don't see the difference.
I think you are confusing your interpretation of what Apple said. They never said they owned the servers that house iCloud data, plus they don’t go into detail with the public on what data is stored on those specific servers. Plus the fact that they use encryption which so far no one has been able to defeat makes it hard to present a case in which the plaintiffs or you were harmed.
I am not confusing anything. Apple has made multiple announcements of how they are building large data centers for iCloud and other services, and have even given tours of them for journalists.
It has been generally assumed that Apple mainly have been hosting iCloud on Microsoft Azure architecture, but the servers running it were fully deployed to Apple owned facilities and locations.
Data hosted in other cloud services will necessarily also end up in their backup systems where they never should have been. They can possibly also be decrypted there because Apple can decrypt iCloud hosted data and have done so in multiple cases for law enforcement. When the data end up in a third party backup system it can also be restored to a different location and potentially be compromised.
This is also about Apple's integrity and trustworthiness. They pretend to have a holier-than-thou stance on privacy, yet completely fail to inform the customers that their data might migrate outside Apple facilities. NOT good!
How can you say something is generally assumed and then think it to be worth a lawsuit when you are incorrect?
For certain sensitive information, Apple uses end-to-end encryption. ... No one else, not even Apple, can access end-to-end encrypted information.Jul 3, 2019
Tim Cook used quite specific wording when asked about end-to-end encryption last year: The key question is how does the encryption process work and who owns the keys if anyone? IN MOST CASES (emphasis) for us, you and the receiver own the keys.” Note that he does not say ALL cases, but no clear idea why he doesn't.
My guess is it has something to do with China which is a special case. The fact that iMessage isn't being targeted by the Russians either as they are doing with other encrypted messaging services may also be indicative of some sort of agreement.
Apple is clear that they follow the law in every country where they do business and neither of those two countries permit end-to-end encrypted communications if the governments are not given a "key" or some other way of accessing it as needed for internal security and investigation.
Things are not always as we presume them to be, recent examples being this article for some, human listeners to Siri for others, and a reason ToS agreements and disclosures are written by teams of lawyers. No laws broken, just remember that PR speak and ToS word things differently. The ToS is a legal document.
Some people think it’s all or nothing. Either all user data is stored on Apple-owned servers, in Apple-owned data centers or it’s all at CSP’s. That’s not how it works in the real world. Companies commonly employ a ‘hybrid’ strategy to deliver services over the web. Apple delivering a service and while they have an obligation to ensure a user’s data is backed up and secure they make no agreement that user data will reside 100% on Apple owned/operated servers. I haven’t gone through the iCloud User Agreement, line for line, but I seriously doubt they make such a guarantee.
Apple has given the public the impression they store data in their own datacenters, and as Apple provides these services around the planet and customers in different countries should be informed where their data actually is stored so they can make informed decisions if they want to use the service or not. It probably also has lead customers to believe they got an increased level of privacy (as spouted by Apple marketing), when in reality they got closer to Amazon Web Services, Google and Microsoft base level. If I knew my iCloud data was stored on Google servers, I would have ended the iCloud subscription immediately.
But of course for ex-Compaq Tim Cook, he don't see the difference.
I think you are confusing your interpretation of what Apple said. They never said they owned the servers that house iCloud data, plus they don’t go into detail with the public on what data is stored on those specific servers. Plus the fact that they use encryption which so far no one has been able to defeat makes it hard to present a case in which the plaintiffs or you were harmed.
IANAL, but I have been asked to leave a Holiday Inn Express to avoid a drunken disorderly charge. Anywho. Funnily enough, the plaintiffs can use the exact argument you're incorrectly using to defend Apple: They never said they owned the servers housing the data. But did they imply it by stating: "When iCloud is enabled, your content will be automatically sent to and stored by Apple..."? It's an ambiguous statement that depends entirely on reader interpretation. In contract dispute, ambiguity favors the party who didn't write the contract. Also not helping Apple, the explicit (not ambiguous) nature of the Chinese agreement. They tell the Chinese user straight up - we're storing your data with these guys over here. Now that could be required legalese because they also store the encryption keys with the Chinese. Who knows. But they do something for the Chinese they don't do for other customers.
The encryption has nothing to do with whether or not the plaintiffs were harmed. The harm is described in the article. The claim states they were denied their right to make an informed decision about paid iCloud services because they were denied relevant information: Apple stores customer data on 3rd part servers. Again, IANAL, but I think it's safe to say the plaintiff's lawyers are going to juxtapose Apple's shaded dig at Google (We don't sell your data. You are not the product) against Apple's willingness to store that customer data on the servers of the "data seller".
>>> It's an ambiguous statement that depends entirely on reader interpretation. No. There is no interpretation here. Apple hasn’t said with the words “stored by Apple” anything about WHERE it is stored. What you claim Apple made believe is just you wishful thinking.
>>> ...on the servers of the “data seller”. AWS does not sell or even use your data. Even Google is not selling your personal data. This is all your fears.
Thats why people are afraid of terrorism. Even though the even chance to be struck by a lightning is higher.
Comments
If you walked into court to sue your day loan company because they charged you a 1000% interest, do you think “I didn’t bother to check” is a defence? Nope, it ain’t.
If you had anything more than fake concern for where Apple was storing data then the information was easy enough to find. The reason you didn’t is because, aside from scoring troll points, you didn’t actually care.
Did you bother to read Apple’s privacy page?
https://www.apple.com/privacy/approach-to-privacy/
No thought not. So why is it Apple’s fault you chose to bury your head in the sand?
Apple has made no secret that it uses a combination of its own servers (for iTunes, Messages, Apple Music) and third party servers (explicitly mentioned right there, for storage).
The encryption has nothing to do with whether or not the plaintiffs were harmed. The harm is described in the article. The claim states they were denied their right to make an informed decision about paid iCloud services because they were denied relevant information: Apple stores customer data on 3rd part servers. Again, IANAL, but I think it's safe to say the plaintiff's lawyers are going to juxtapose Apple's shaded dig at Google (We don't sell your data. You are not the product) against Apple's willingness to store that customer data on the servers of the "data seller".
Since it’s public knowledge — not that the public actually knows anything — that Apple’s iCloud services used cloud services software from Microsoft, AWS, IBM, and others depending on location (such as country), I’m not surprised that Apple is actually doing what they said they were doing.
I do remember years ago Apples attempt to build their own cloud services failed, because they were not successful in building such a system from scratch. They made it clear then that they would be using the cloud services from existing providers, implemented at Apple’s own data centers.
Apple's response was: "We guarantee absolutely 100% that our iCloud servers were never impacted".
But this illustrates the ludicrous nature of that statement: Since iCloud data was almost all stored on Amazon's servers, Tim had absolutely no way of knowing if those servers had been corrupted. None. Zero. Even if the story was proven to be false, Tim still cannot guarantee the integrity of servers he does not own and control.
I was taught a long time ago that nothing is completely safe -- if criminals want in badly enough, they will get in. The trick is to make it hard enough for them to make them go elsewhere. Apple has always projected that their security was the best around. But, since our iCloud data is sitting on Amazon servers, it is obviously no safer there than if it were stored on, well, an Amazon server.
While I admire Apple for having all or nearly all 100% renewable energy facilities, they should maybe focus more on developing their own facilities and get our data out of the hands of Amazon, Google and Microsoft.
https://www.apple.com/privacy/approach-to-privacy/
Oh, and before GoogleGuy jumps in with his usual “WaddaboutChina” trope, Apple has said, on more than one occasion, that Apple retains the keys for the Chinese data centres.
https://www.reuters.com/article/us-china-apple-icloud-insight/apple-moves-to-store-icloud-keys-in-china-raising-human-rights-fears-idUSKCN1G8060
Which means the Chinese government still has to make a request to Apple for the data. The difference is that they no longer have to go through the US courts (or any court for that matter) to get it. Because they have to make a request then Apple can keep track of them.
Between 2013 and 2017, the Chinese made 176 information requests. During the same period, the US government made 8475 requests, which is odd given the relative size of the countries’ populations.
What is really interesting is that Apple said ‘no’ to all the Chinese requests and ‘okay’ to over 2000 of the US requests, presumably because it was harder for the Chinese to get a court order for Chinese user data stored in the US. Now they don’t have that problem anymore, then it’ll be interesting to see how the numbers change, or if Apple continues to report them.
Fact is, the US spies on its citizens (and non-citizens), same as the Chinese, and neither country cares who knows it.
There is nothing to read except Timmy's public statements, bragging and virtue signaling on Apple privacy, while at the same time using the services he scorns for lacking privacy to store Apple customer data and produce the iCloud service.
Not even sure where to start...
Apple has ALWAYS used 3rd party data centers to store information, it wasn’t until recently - the last 7-10 years - that they started building out their own infrastructure to house their customers data.
It is widely known that Apple has been moving everything in house, which means, moving from a 3rd party to 1st party. Their first big move was building their own CDN (moving away from Akamai) for distributing iTunes content around the world, and then they began to build their owndata centers. The problem has always been that their user base grew much faster than they could keep up with. So they have not been able to bring EVERYTHING in house up to this point. And in case you haven’t noticed, recently every time they attempt to build a data center, it seems to get shot down by locals. This has happened several times in Europe. (And I’m sure we can find a discussion where you completely agreed with those locals.)
Furthermore, Apple has NEVER said they “house” all their customer data. As the article mentions the agreement says, “...sent to and stored by Apple”. That tells me all data is initially sent to Apple’s servers, and then stored by Apple, which could mean on their own servers or a 3rd party server. It does not ANYWHERE say stored “at” Apple. If Apple is leasing servers from a 3rd party and stores data on them, then that data is still being stored by Apple.
On top of that, what makes you think Amazon, Microsoft, or Google have access to any of that data? You seriously don’t think privacy and security are a part of the contract even for these data hungry companies?!? This isn’t the same thing as milking users, the last thing these companies want to do is screw with a giant corporation like Apple who’s probably paying them hundreds of millions of dollars. And you seriously don't think Apple encrypts that data before its stored on those servers?
I would never trust Google with my data, but I sure as hell would trust Apple to know what they’re doing, even if they’re using a 3rd party data center to store my data.
Haha!
You can't be serious!? You really think those same user-centric terms and services those companies offer are the same as the enterprise cloud hosting/server services? Do you really think Apple created a Google account and just started storing all their customer data on Google Drive. LOL And you make the assumption that Apple would store all their user data on a 3rd party server without encrypting it? The amount of ignorance and hate is unbelievable.
Look, I don't like Google or Amazon, or even Microsoft, and I would never trust any of my data with them, but the service they provide to Apple (and other companies) is NOT the same they would provide to you or me. And when offering that type of service you can in fact make the assumption that privacy and security is part of the deal. To think otherwise, well, is just stupid.
FWIW Apple very obviously trusts Google with your data, happily sending you to Google Search by default and delaying the cookie expiration when you do so by three days (as far as I remember reading) to accommodate legitimate advertisers and placement companies who may be using their services. Essentially Apple still allows Safari users to be served personalized ads in the near term, but being very careful that those searches aren't being remarketed by shadier 3rd parties later on, thus the quick cookie expirations.
So at the end of the day Apple trusts Google but you don't.
As is very often said here, I trust Apple knows better and you yourself say exactly the same. So why the disconnect, you don't really trust Apple knows better?
Anyway this lawsuit is a simple attempt at a money grab, no grounds for harm that I can see even if some users were paying more attention to PR than ToS. I seriously doubt the lawyers get anywhere with this.
How many bit encryption do you need to feel “secure”?
The key question is how does the encryption process work and who owns the keys if anyone? IN MOST CASES (emphasis) for us, you and the receiver own the keys.”
Note that he does not say ALL cases, but no clear idea why he doesn't.
My guess is it has something to do with China which is a special case. The fact that iMessage isn't being targeted by the Russians either as they are doing with other encrypted messaging services may also be indicative of some sort of agreement.
Apple is clear that they follow the law in every country where they do business and neither of those two countries permit end-to-end encrypted communications if the governments are not given a "key" or some other way of accessing it as needed for internal security and investigation.
Things are not always as we presume them to be, recent examples being this article for some, human listeners to Siri for others, and a reason ToS agreements and disclosures are written by teams of lawyers. No laws broken, just remember that PR speak and ToS word things differently. The ToS is a legal document.
No. There is no interpretation here. Apple hasn’t said with the words “stored by Apple” anything about WHERE it is stored.
What you claim Apple made believe is just you wishful thinking.
>>> ...on the servers of the “data seller”.
AWS does not sell or even use your data.
Even Google is not selling your personal data.
This is all your fears.
Thats why people are afraid of terrorism. Even though the even chance to be struck by a lightning is higher.
It’s just fear.